diff --git a/heimserver/configuration.nix b/heimserver/configuration.nix index b5017f8..b79a65e 100644 --- a/heimserver/configuration.nix +++ b/heimserver/configuration.nix @@ -14,6 +14,7 @@ imports = [ # Include the results of the hardware scan. ./hardware-configuration.nix + specialArgs.inputs.vscode-server.nixosModules.default ]; # System basics @@ -44,45 +45,44 @@ # i18n.defaultLocale = "en_US.UTF-8"; # Networking - networking = { - hostName = "heimserver"; - useDHCP = false; - hostId = "5506a8e7"; - interfaces.eth0.ipv4.addresses = [ - { - address = "192.168.69.69"; - prefixLength = 24; - } - ]; - defaultGateway = "192.168.69.1"; - #nameservers = [ "1.1.1.1" ]; - firewall.enable = true; - firewall.allowedTCPPorts = [ - 22 - 53 - 80 - 443 - 2222 # forgejo ssh - 8184 # forgejo frontend - 8123 # homeassistant - 5580 # homeassistant matter - 2283 # immich - 3003 # immich ml - 1984 # frigate go2rtc - 8971 # frigate - 8554 # frigate rtsp - 8555 # frigate rtsp - 2055 # ntopng sink - 8182 # ntopng frontend - 8183 # adguardhome frontend - 9000 - ]; - firewall.allowedUDPPorts = [ - 53 - 8555 # frigate rtsp - 2055 # ntopng sink - ]; - }; + networking.hostName = "nixos-server"; + networking.useDHCP = false; + networking.hostId = "5506a8e7"; + networking.interfaces.eth0.ipv4.addresses = [ + { + address = "192.168.69.69"; + prefixLength = 24; + } + ]; + networking.defaultGateway = "192.168.69.1"; + #networking.nameservers = [ "1.1.1.1" ]; + networking.firewall.enable = true; + networking.firewall.allowedTCPPorts = [ + 22 + 53 + 80 + 443 + 2222 # forgejo ssh + 8184 # forgejo frontend + 8123 # homeassistant + 5580 # homeassistant matter + 2283 # immich + 3003 # immich ml + 1984 # frigate go2rtc + 8971 # frigate + 8554 # frigate rtsp + 8555 # frigate rtsp + 2055 # ntopng sink + 8182 # ntopng frontend + 3000 # adguardhome frontend + 8183 # adguardhome frontend + 9000 + ]; + networking.firewall.allowedUDPPorts = [ + 53 + 8555 # frigate rtsp + 2055 # ntopng sink + ]; # Users users.users.root = { @@ -100,6 +100,7 @@ # Packages environment.systemPackages = with pkgs; [ + vim nano wget curl @@ -227,12 +228,6 @@ }; }; - # systemd.services.forgejo.preStart = - # '' - # ${lib.getExe cfg.package} admin user create --admin --email "root@localhost" --username crazychaoz --password temp123 || true - # ''; - - # services.borgbackup.jobs."forgejo" = { # paths = config.services.forgejo.repositoryRoot; # repo = "/backup/forgejo"; @@ -261,6 +256,10 @@ }; }; + # systemd.services.forgejo.preStart = + # '' + # ${lib.getExe cfg.package} admin user create --admin --email "root@localhost" --username crazychaoz --password temp123 || true + # ''; # Virtualisation virtualisation = { @@ -308,19 +307,7 @@ "--privileged" ]; }; - containers.mosquitto = { - #autoStart = true; - volumes = [ - "mosquitto:/mosquitto" - "/run/dbus:/run/dbus:ro" - "/etc/localtime:/etc/localtime:ro" - ]; - # Note: The image will not be updated on rebuilds, unless the version label changes - image = "eclipse-mosquitto"; - extraOptions = [ - "--network=host" - ]; - }; + containers.frigate = { #autoStart = true; volumes = [ @@ -336,6 +323,19 @@ "--network=host" ]; }; + containers.mosquitto = { + #autoStart = true; + volumes = [ + "mosquitto:/mosquitto" + "/run/dbus:/run/dbus:ro" + "/etc/localtime:/etc/localtime:ro" + ]; + # Note: The image will not be updated on rebuilds, unless the version label changes + image = "eclipse-mosquitto"; + extraOptions = [ + "--network=host" + ]; + }; containers.netflow2ng = { # Note: The image will not be updated on rebuilds, unless the version label changes image = "synfinatic/netflow2ng:v0.1.0"; @@ -362,7 +362,7 @@ interfaces = [ "tcp://0.0.0.0:5556" ]; extraConfig = '' --dns-mode 1 - --local-networks "185.27.122.0/24=WAN,192.168.69.0/24=LAN,192.168.42.0/24=Wireguard"''; + --local-networks "185.27.122.0/24=WAN,192.168.69.0/24=LAN"''; }; services.influxdb.enable = true; @@ -395,7 +395,6 @@ "nix-command" "flakes" ]; - nix.gc = { automatic = true; dates = "weekly";